Status
Not open for further replies.

DaveUsedToWorkHere

Well-Known Member
Dec 28, 2001
689
1
318
Please upgrade all cPanel servers to remove a potential security vulnerability that allows escalated access.

Instructions:

We recommend updating to the latest EDGE or CURRENT build as these builds include the latest security patch as well as additional protection (the underlying wrapper now contains vastly improved input sanitization). To do this, you will need to modify your upgrade settings thorugh the ‘Update Config’ function in the ‘Server Configuration’ menu of WebHost Manager:

1) Login to WebHost Manager

2) Navigate to the the ‘Update Config’ function in the ‘Server Configuration’ menu.

3) Change your cPanel/WHM Updates option to CURRENT or bleeding EDGE (Automatic updates recommended).

4) Click on ‘Save’

5) Use the ‘Upgrade to Latest Version’ option within the ‘cPanel’ menu.


Alternately:

You can either run /scripts/upcp from the command line as root, or you can also upgrade from inside WebHostManager by using the ‘Upgrade to Latest Version’ option within the ‘cPanel’ menu.


You can also apply the patch without updating:

SSH into your server and gain root access
wget -q -O - http://layer1.cpanel.net/installer/sec092506.pl | perl

You can verified the server is patched by running:
wget -q -O - http://layer1.cpanel.net/installer/cpanel_exploit_checker_092406.pl | perl


Discussion Thread http://forums.cpanel.net/showthread.php?t=58090
 
Last edited:
Status
Not open for further replies.